In this post I explain the ins and outs of network booting Raspberry Pis. Some Raspberry Pi models can do this without local persistent storage, and most other modelsc can boot with a minimum of data from an SD card. The operating system used is Arch Linux ARM. After booting the system and as long as it has a network connection to a server hosting the Pi's file system, it can be used as any other Pi that was booted from an SD card.
Recently I had to work around some network filtering systems. One of the tools I use is OpenVPN. What makes OpenVPN great is its flexibility. Either host the server yourself or use one from a third-party VPN provider, of which most support OpenVPN. An issue with having many (third-party) OpenVPN configuration files is that they are not personalized. Sometimes you really need to add some additional options to increase security, but editing many files to allow easy switching of VPN end-points is never fun. There is a solution for this: 'stacked' VPN configurations. One OpenVPN instance can load its configuration from multiple configuration files.
OpenVPN can be used with an obfuscation proxy, such as obfsproxy or obfs4, to avoid identification of VPN traffic through deep packet inspection. In this post I explain a connectivity problem that client-side OpenVPN faces when such a proxy is approached as a local SOCKS proxy by OpenVPN. A solution is provided, of course.